Malware often incorporates advanced techniques to evade analysis and discovery by firewalls and sandboxes. When malware sees evidence that dynamic analysis is occurring, it can invoke different techniques to evade analysis, such as mimicking the behavior of harmless files that are typically ignored by threat detection systems. Traditional sandboxing approaches that signal their own presence — for example, by instrumenting underlying virtual machines (VM) to intercept malicious function calls — make the analysis environment visible.
Have you been the victim of cybercrime? If I asked you that question in 2012, you might have said, “I’m not sure.” But in 2017, I am sure your answer is, “Yes, I’ve been victimized many times.” That’s bad news. I joined SonicWall in 2012 and witnessed firsthand the rise of cybercrime headlines occurring on a monthly, weekly, and now daily basis.
“Inspect every packet, every time.” This has been my advice to any network admin or business owner for many years. This is equally important in regards to encrypted traffic. Much of the Internet has become encrypted, meaning that it can only be perused and accessed over HTTPS. While this rightly includes traffic such as online banking and financial sites, it also now includes webmail, social media, online streaming video, music and even search engines.
As intranet networks grow and evolve over time, often duplicate, or even multiple, paths are created to reach a destination. As these paths evolve and get more complex, they can result in failed links. Interior Gateway Protocols provide fast re-routing around these failed links using link-state algorithms, such as Open Shortest Path First (OSPF) and Intermediate System to Intermediate System (IS-IS).
Last month, I wrote how we found nearly 26,500 new forms of malware and shared some general stats. Let’s take a look at the new threats found by SonicWall’s network sandbox, Capture Advanced Threat Protection (ATP). While the general number of new threats dropped, there were some interesting figures and trends to point out.
Equifax just rolled into the history books as the victim of one of the most widespread and dangerous data breaches of all time. The breach happened on March 10, 2017, at which time the cyber criminals leveraged the critical remote code execution vulnerability CVE-2017-5638 on Apache Struts2. This attack highlights the value of an Intrusion Prevention System (IPS) and virtual patching security technologies.
Over the past few months, Verizon has launched a series of television ads in which the main character utters the line, “Right plan, wrong network.” The actor saying the line is talking to another character who is clearly having an unhappy experience with his/her cellular connection. If you own a mobile phone, it’s likely you’ve gone through something similar at one point.
Keeping organizations running safely, while improving business and user productivity in today’s accelerating threat environment, continues to be a non-trivial task for IT leaders. At the current pace of cyber attacks, we understand all too well that the effects of recent events, such as the Equifax, WannaCry and NotPetya attacks, have demonstrated their capacity to change the global business environment from normal to total hysteria in the blink of an eye.
Today I am excited to share the new addition to SonicWall’s NSA product family of Next-Generation Firewalls, the NSA 2650. Three key trends form the design drivers for the new NSA 2650 – Wireless Devices Explosion – The demand for increased bandwidth from wireless networks is constantly on the rise with the growing number of wireless devices used per person.
I am pleased to announce that, Dell EMC is now shipping the OEM version of the SonicWall next-generation cyber security firewall solutions in the United States and Canada. Continuing on our long time partnership and resale relationship, Dell EMC will offer the powerful combination of SonicWall’s innovative threat protection technology and Dell EMC’s broad set of solutions from the data center all the way to endpoint devices.